From Fedora Project Wiki
(Created page with '<!-- All fields on this form are required to be accepted by FESCo. We also request that you maintain the same order of sections so that all of the feature pages are uniform. --...')
 
Line 19: Line 19:


== Detailed Description ==
== Detailed Description ==
SCAP is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise.
SCAP is a line of standards managed by [http://scap.nist.gov/ NIST]. It was created to provide a standardized approach to maintaining the security of systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise.


The SCAP suite contains multiple complex data exchange formats that are to be used to transmit important vulnerability, configuration, and other security data. Historically, there have been few tools that provide a way to query this data in the needed format. This lack of tools makes the barrier to entry very high and discourages adoption of these protocols by the community. It's a goal of OpenSCAP project to create a framework of libraries to improve the accessibility of SCAP and enhance the usability of the information it represents.
The SCAP suite contains multiple complex data exchange formats that are to be used to transmit important vulnerability, configuration, and other security data. Historically, there have been few tools that provide a way to query this data in the needed format. This lack of tools makes the barrier to entry very high and discourages adoption of these protocols by the community. It's a goal of OpenSCAP [http://www.open-scap.org/page/Main_Page project] to create a framework of libraries to improve the accessibility of SCAP and enhance the usability of the information it represents.


== Benefit to Fedora ==
== Benefit to Fedora ==

Revision as of 11:59, 22 June 2010


OpenSCAP

Summary

Provide open-source Security Content Automation Protocol (SCAP) framework, basic set of applications and OVAL/XCCDF security content for Fedora 14.

Owner

Current status

  • Targeted release: Fedora 14
  • Last updated: 22-Jun-2010
  • Percentage of completion: 0%

Detailed Description

SCAP is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise.

The SCAP suite contains multiple complex data exchange formats that are to be used to transmit important vulnerability, configuration, and other security data. Historically, there have been few tools that provide a way to query this data in the needed format. This lack of tools makes the barrier to entry very high and discourages adoption of these protocols by the community. It's a goal of OpenSCAP project to create a framework of libraries to improve the accessibility of SCAP and enhance the usability of the information it represents.

Benefit to Fedora

Scope

How To Test

User Experience

Dependencies

Contingency Plan

Documentation

Release Notes

Comments and Discussion